Passwords

[Barry Shein]

Years ago I suggested on this list that vendors modify the password
algorithm so that at system installation a key could be entered which
perturbs its behavior on a per-machine basis (obviously a system admin
could choose to use the same key on every machine in an area so
password files could be shared.) This would frustrate the possibility
of someone on the outside picking up the encryptions and working on it
on another machine.

The hostname isn't a great idea because everyone knows the hostname.
I'd lean towards a key that was entered (possibly into NVRAM, tho
other schemes could be devised) when the system was installed.

>From there on it would just be automatically used to encrypt tries.

Standardization is a wonderful thing, but perhaps some things just
shouldn't be so standardized.

-- 
        -Barry Shein

Software Tool & Die    | bzs at world.std.com          | uunet!world!bzs
Purveyors to the Trade | Voice: 617-739-0202        | Login: 617-739-WRLD